Wrox Programmer Forums
|
Classic ASP Professional For advanced coder questions in ASP 3. NOT for ASP.NET 1.0, 1.1, or 2.0.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Professional section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old June 17th, 2008, 01:33 AM
Authorized User
 
Join Date: Jan 2008
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default Sql Injunction Problem

I have a site built in asp 3.0. i am using ado.net for database operations. now what i am doing is using direct queries for databse operations. i want to make sure that no one do any sql injunction in a way that no one use any sql statement in query parameters. like if i have a statement

         select * from tableA where id = "&id

then one can provide id=1;drop table tableB

and that can cause problem

is there any way to detect and block these in code.






Similar Threads
Thread Thread Starter Forum Replies Last Post
SQL Problem pannet1 BOOK: Access 2003 VBA Programmer's Reference 4 April 16th, 2005 10:03 PM
SQL problem Lexus SQL Language 2 January 20th, 2005 09:25 AM
SQL problem Clive Astley Access VBA 4 October 19th, 2004 10:42 AM
SQL problem Clive Astley Access 4 October 19th, 2004 01:49 AM
SQL Problem tjw Access 1 November 12th, 2003 09:22 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.